Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/PmQ7D2Mj67yKtQ9cr1GiTLsv5gg.roa
File: PmQ7D2Mj67yKtQ9cr1GiTLsv5gg.roa (raw, json)
Hash identifier: 5dHIigCSlJsB3go+Brg2sevV9LIQTUqp/QnCZ75khpk=
Subject key identifier: 3E:64:3B:0F:63:23:EB:BC:8A:B5:0F:5C:AF:51:A2:4C:BB:2F:E6:08
Certificate issuer: /CN=a6a88b0887c32de5966f81ff915d6b5ff31532dd
Certificate serial: 018C3931CFBB9A947EE8325F7A82F1D21B26
Authority key identifier: A6:A8:8B:08:87:C3:2D:E5:96:6F:81:FF:91:5D:6B:5F:F3:15:32:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqiLCIfDLeWWb4H_kV1rX_MVMt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/PmQ7D2Mj67yKtQ9cr1GiTLsv5gg.roa
Signing time: Tue 05 Dec 2023 08:56:54 +0000
ROA not before: Tue 05 Dec 2023 08:56:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206730
IP address blocks: 185.166.48.0/22 maxlen: 22
2a0a:8a00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:31:cf:bb:9a:94:7e:e8:32:5f:7a:82:f1:d2:1b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a88b0887c32de5966f81ff915d6b5ff31532dd
Validity
Not Before: Dec 5 08:56:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e643b0f6323ebbc8ab50f5caf51a24cbb2fe608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:99:dc:61:6f:ff:b8:f7:17:2f:91:d6:4b:dd:
ca:30:52:47:95:e7:1e:e6:8f:7a:86:2d:77:ad:42:
0f:53:58:83:26:ed:80:52:9b:8d:5b:03:02:eb:19:
77:2b:04:a0:12:93:49:c5:08:5e:04:3c:4f:3f:e5:
c5:ec:af:12:57:20:9b:8c:2d:f5:ec:16:d4:c1:85:
f1:68:3f:62:04:ac:72:3f:37:9d:65:c0:7e:a5:e7:
ec:47:bc:31:65:8a:6b:08:ad:92:0e:6b:c4:a2:61:
44:16:5f:df:b1:4b:78:8b:2e:6e:32:2f:3c:3e:4e:
23:d5:85:c8:c5:ec:ad:0f:9a:60:43:b5:70:af:19:
bb:42:07:85:51:ff:88:2b:27:58:55:f7:e6:ad:5d:
f1:c0:65:ae:33:10:69:61:ad:fe:d0:a6:53:ba:77:
4c:a8:bd:0e:bd:e0:6a:53:3d:ca:6a:7f:0e:68:1a:
74:29:41:73:da:57:12:f6:bb:ca:d0:9e:f1:fc:11:
a8:d4:2e:df:fb:80:13:5c:de:ea:c7:43:34:fc:54:
8e:bf:db:a5:3d:65:ab:d0:4b:de:99:fc:92:88:be:
d3:89:39:71:0f:4b:4f:60:2c:df:46:7e:11:ef:3d:
bf:74:54:e3:82:cd:1e:73:8b:77:6e:c0:44:7f:c1:
4f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:64:3B:0F:63:23:EB:BC:8A:B5:0F:5C:AF:51:A2:4C:BB:2F:E6:08
X509v3 Authority Key Identifier:
keyid:A6:A8:8B:08:87:C3:2D:E5:96:6F:81:FF:91:5D:6B:5F:F3:15:32:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqiLCIfDLeWWb4H_kV1rX_MVMt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/PmQ7D2Mj67yKtQ9cr1GiTLsv5gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/98c609-07fa-4e2b-b476-6a29bc9f8a78/1/pqiLCIfDLeWWb4H_kV1rX_MVMt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.48.0/22
IPv6:
2a0a:8a00::/32
Signature Algorithm: sha256WithRSAEncryption
10:22:ae:e7:a2:1c:9c:d0:ef:a3:83:ed:db:2d:dc:d0:35:89:
f4:54:33:71:80:11:26:b3:95:38:ba:f7:6f:70:80:29:d2:62:
1f:33:0c:4b:83:2f:47:00:7f:4d:d8:cd:49:6e:1b:9d:f9:c9:
e6:0f:11:d0:46:bf:61:1e:ad:40:27:dc:b1:4f:4a:dd:30:bd:
1f:35:9d:a8:c6:28:32:57:c7:d4:3a:dd:97:4a:24:e7:9f:46:
20:15:e9:f8:53:9e:08:d6:18:d2:66:88:d6:ff:ae:89:26:ae:
59:f0:00:1b:8b:e6:ff:12:86:fc:f2:2e:8d:8d:8f:79:5c:cd:
d5:a5:57:20:e2:28:f1:5f:64:96:0c:28:8f:97:63:d5:28:90:
8e:c5:1b:46:b1:bf:12:5e:e7:4f:65:ae:c8:49:cd:a7:c4:b1:
77:8a:95:84:9a:9c:15:40:99:75:bf:34:54:e8:41:5c:16:1f:
98:5d:4a:76:c6:93:e4:cc:47:13:58:8f:af:7f:42:75:49:4a:
65:0b:d1:98:d9:90:ad:0a:49:cc:ec:f7:1f:12:59:0a:bc:1f:
92:ed:d0:d5:79:dd:30:37:00:65:21:06:17:a3:05:0f:f7:db:
f2:4c:2a:c7:c8:fe:dd:61:cd:dc:a2:02:1a:a8:d5:49:ac:48:
9c:2d:15:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw5Mc+7mpR+6DJfeoLx0hsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTg4YjA4ODdjMzJkZTU5NjZmODFmZjkxNWQ2YjVmZjMx
NTMyZGQwHhcNMjMxMjA1MDg1NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTY0M2IwZjYzMjNlYmJjOGFiNTBmNWNhZjUxYTI0Y2JiMmZlNjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJncYW//uPcXL5HWS93KMFJHlece
5o96hi13rUIPU1iDJu2AUpuNWwMC6xl3KwSgEpNJxQheBDxPP+XF7K8SVyCbjC31
7BbUwYXxaD9iBKxyPzedZcB+pefsR7wxZYprCK2SDmvEomFEFl/fsUt4iy5uMi88
Pk4j1YXIxeytD5pgQ7Vwrxm7QgeFUf+IKydYVffmrV3xwGWuMxBpYa3+0KZTundM
qL0OveBqUz3Kan8OaBp0KUFz2lcS9rvK0J7x/BGo1C7f+4ATXN7qx0M0/FSOv9ul
PWWr0EvemfySiL7TiTlxD0tPYCzfRn4R7z2/dFTjgs0ec4t3bsBEf8FPXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD5kOw9jI+u8irUPXK9Roky7L+YIMB8GA1UdIwQY
MBaAFKaoiwiHwy3llm+B/5Fda1/zFTLdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFpTENJZkRMZVdXYjRIX2tWMXJYX01WTXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85OGM2MDktMDdmYS00ZTJiLWI0NzYt
NmEyOWJjOWY4YTc4LzEvUG1RN0QyTWo2N3lLdFE5Y3IxR2lUTHN2NWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85OGM2MDktMDdmYS00ZTJiLWI0NzYtNmEyOWJjOWY4YTc4
LzEvcHFpTENJZkRMZVdXYjRIX2tWMXJYX01WTXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaYwMA0E
AgACMAcDBQAqCooAMA0GCSqGSIb3DQEBCwUAA4IBAQAQIq7nohyc0O+jg+3bLdzQ
NYn0VDNxgBEms5U4uvdvcIAp0mIfMwxLgy9HAH9N2M1Jbhud+cnmDxHQRr9hHq1A
J9yxT0rdML0fNZ2oxigyV8fUOt2XSiTnn0YgFen4U54I1hjSZojW/66JJq5Z8AAb
i+b/Eob88i6NjY95XM3VpVcg4ijxX2SWDCiPl2PVKJCOxRtGsb8SXudPZa7ISc2n
xLF3ipWEmpwVQJl1vzRU6EFcFh+YXUp2xpPkzEcTWI+vf0J1SUplC9GY2ZCtCknM
7PcfElkKvB+S7dDVed0wNwBlIQYXowUP99vyTCrHyP7dYc3cogIaqNVJrEicLRVb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:43 2024 by rpki-client on console-fra.rpki-client.org